package jdbc2;

import com.tedu.InputUtil;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;

/*
* 使用预编译SQL语句
* */
public class JDBCDemo7 {
    public static void main(String[] args) {
        UserInfo userInfo = InputUtil.getInputObject(new UserInfo(),"欢迎登录","登录");
        try (Connection connection = DBUtil.getConnection()){
            String sql = "SELECT id,username,password,nickname,age " +
                    "FROM userinfo " +
                    "WHERE username = ? AND password = ?";
            //先将预编译SQL发送给数据库服务器,让其理解语义
            PreparedStatement ps = connection.prepareStatement(sql);
            //通过PreparedStatement对"?"指定对应值
            ps.setString(1,userInfo.getUsername());
            ps.setString(2,userInfo.getPassword());
            ResultSet rs = ps.executeQuery();
            if(rs.next()){
                System.out.println("登录成功");
            }else{
                System.out.println("登录失败,用户名或密码不正确");
            }
        }catch (Exception e){
            e.printStackTrace();
        }
    }
}
